package org.bouncycastle.jce.provider;

// BEGIN android-added
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.PublicKey;
import java.security.cert.CertPath;
import java.security.cert.CertPathParameters;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertPathValidatorResult;
import java.security.cert.CertPathValidatorSpi;
import java.security.cert.PKIXCertPathChecker;
import java.security.cert.PKIXCertPathValidatorResult;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

import javax.security.auth.x500.X500Principal;

import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.OpenSSLDigest;
import org.bouncycastle.jce.exception.ExtCertPathValidatorException;
import org.bouncycastle.x509.ExtendedPKIXParameters;

/**
 * CertPathValidatorSpi implementation for X.509 Certificate validation � la RFC
 * 3280.
 */
@SuppressWarnings({ "rawtypes", "unchecked", "deprecation" })
public class PKIXCertPathValidatorSpi extends CertPathValidatorSpi {
    // BEGIN android-added

    // From
    // http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup
    private static final Set<BigInteger> SERIAL_BLACKLIST = new HashSet<BigInteger>(
            Arrays.asList(
                    // Not a real certificate. For testing only.
                    new BigInteger(1, new byte[] { (byte) 0x07, (byte) 0x7a,
                            (byte) 0x59, (byte) 0xbc, (byte) 0xd5, (byte) 0x34,
                            (byte) 0x59, (byte) 0x60, (byte) 0x1c, (byte) 0xa6,
                            (byte) 0x90, (byte) 0x72, (byte) 0x67, (byte) 0xa6,
                            (byte) 0xdd, (byte) 0x1c }),

                    new BigInteger(1, new byte[] { (byte) 0x04, (byte) 0x7e,
                            (byte) 0xcb, (byte) 0xe9, (byte) 0xfc, (byte) 0xa5,
                            (byte) 0x5f, (byte) 0x7b, (byte) 0xd0, (byte) 0x9e,
                            (byte) 0xae, (byte) 0x36, (byte) 0xe1, (byte) 0x0c,
                            (byte) 0xae, (byte) 0x1e }), new BigInteger(1,
                            new byte[] { (byte) 0xd8, (byte) 0xf3, (byte) 0x5f,
                                    (byte) 0x4e, (byte) 0xb7, (byte) 0x87,
                                    (byte) 0x2b, (byte) 0x2d, (byte) 0xab,
                                    (byte) 0x06, (byte) 0x92, (byte) 0xe3,
                                    (byte) 0x15, (byte) 0x38, (byte) 0x2f,
                                    (byte) 0xb0 }), new BigInteger(1,
                            new byte[] { (byte) 0xb0, (byte) 0xb7, (byte) 0x13,
                                    (byte) 0x3e, (byte) 0xd0, (byte) 0x96,
                                    (byte) 0xf9, (byte) 0xb5, (byte) 0x6f,
                                    (byte) 0xae, (byte) 0x91, (byte) 0xc8,
                                    (byte) 0x74, (byte) 0xbd, (byte) 0x3a,
                                    (byte) 0xc0 }), new BigInteger(1,
                            new byte[] { (byte) 0x92, (byte) 0x39, (byte) 0xd5,
                                    (byte) 0x34, (byte) 0x8f, (byte) 0x40,
                                    (byte) 0xd1, (byte) 0x69, (byte) 0x5a,
                                    (byte) 0x74, (byte) 0x54, (byte) 0x70,
                                    (byte) 0xe1, (byte) 0xf2, (byte) 0x3f,
                                    (byte) 0x43 }), new BigInteger(1,
                            new byte[] { (byte) 0xe9, (byte) 0x02, (byte) 0x8b,
                                    (byte) 0x95, (byte) 0x78, (byte) 0xe4,
                                    (byte) 0x15, (byte) 0xdc, (byte) 0x1a,
                                    (byte) 0x71, (byte) 0x0a, (byte) 0x2b,
                                    (byte) 0x88, (byte) 0x15, (byte) 0x44,
                                    (byte) 0x47 }), new BigInteger(1,
                            new byte[] { (byte) 0xd7, (byte) 0x55, (byte) 0x8f,
                                    (byte) 0xda, (byte) 0xf5, (byte) 0xf1,
                                    (byte) 0x10, (byte) 0x5b, (byte) 0xb2,
                                    (byte) 0x13, (byte) 0x28, (byte) 0x2b,
                                    (byte) 0x70, (byte) 0x77, (byte) 0x29,
                                    (byte) 0xa3 }), new BigInteger(1,
                            new byte[] { (byte) 0xf5, (byte) 0xc8, (byte) 0x6a,
                                    (byte) 0xf3, (byte) 0x61, (byte) 0x62,
                                    (byte) 0xf1, (byte) 0x3a, (byte) 0x64,
                                    (byte) 0xf5, (byte) 0x4f, (byte) 0x6d,
                                    (byte) 0xc9, (byte) 0x58, (byte) 0x7c,
                                    (byte) 0x06 }), new BigInteger(1,
                            new byte[] { (byte) 0x39, (byte) 0x2a, (byte) 0x43,
                                    (byte) 0x4f, (byte) 0x0e, (byte) 0x07,
                                    (byte) 0xdf, (byte) 0x1f, (byte) 0x8a,
                                    (byte) 0xa3, (byte) 0x05, (byte) 0xde,
                                    (byte) 0x34, (byte) 0xe0, (byte) 0xc2,
                                    (byte) 0x29 }), new BigInteger(1,
                            new byte[] { (byte) 0x3e, (byte) 0x75, (byte) 0xce,
                                    (byte) 0xd4, (byte) 0x6b, (byte) 0x69,
                                    (byte) 0x30, (byte) 0x21, (byte) 0x21,
                                    (byte) 0x88, (byte) 0x30, (byte) 0xae,
                                    (byte) 0x86, (byte) 0xa8, (byte) 0x2a,
                                    (byte) 0x71 })));

    // From
    // http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750
    private static final byte[][] PUBLIC_KEY_SHA1_BLACKLIST = {
            // C=NL, O=DigiNotar, CN=DigiNotar Root
            // CA/emailAddress=info@diginotar.nl
            { (byte) 0x41, (byte) 0x0f, (byte) 0x36, (byte) 0x36, (byte) 0x32,
                    (byte) 0x58, (byte) 0xf3, (byte) 0x0b, (byte) 0x34,
                    (byte) 0x7d, (byte) 0x12, (byte) 0xce, (byte) 0x48,
                    (byte) 0x63, (byte) 0xe4, (byte) 0x33, (byte) 0x43,
                    (byte) 0x78, (byte) 0x06, (byte) 0xa8 },
            // Subject: CN=DigiNotar Cyber CA
            // Issuer: CN=GTE CyberTrust Global Root
            { (byte) 0xba, (byte) 0x3e, (byte) 0x7b, (byte) 0xd3, (byte) 0x8c,
                    (byte) 0xd7, (byte) 0xe1, (byte) 0xe6, (byte) 0xb9,
                    (byte) 0xcd, (byte) 0x4c, (byte) 0x21, (byte) 0x99,
                    (byte) 0x62, (byte) 0xe5, (byte) 0x9d, (byte) 0x7a,
                    (byte) 0x2f, (byte) 0x4e, (byte) 0x37 },
            // Subject: CN=DigiNotar Services 1024 CA
            // Issuer: CN=Entrust.net
            { (byte) 0xe2, (byte) 0x3b, (byte) 0x8d, (byte) 0x10, (byte) 0x5f,
                    (byte) 0x87, (byte) 0x71, (byte) 0x0a, (byte) 0x68,
                    (byte) 0xd9, (byte) 0x24, (byte) 0x80, (byte) 0x50,
                    (byte) 0xeb, (byte) 0xef, (byte) 0xc6, (byte) 0x27,
                    (byte) 0xbe, (byte) 0x4c, (byte) 0xa6 },
            // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2
            // Issuer: CN=Staat der Nederlanden Organisatie CA - G2
            { (byte) 0x7b, (byte) 0x2e, (byte) 0x16, (byte) 0xbc, (byte) 0x39,
                    (byte) 0xbc, (byte) 0xd7, (byte) 0x2b, (byte) 0x45,
                    (byte) 0x6e, (byte) 0x9f, (byte) 0x05, (byte) 0x5d,
                    (byte) 0x1d, (byte) 0xe6, (byte) 0x15, (byte) 0xb7,
                    (byte) 0x49, (byte) 0x45, (byte) 0xdb },
            // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven
            // Issuer: CN=Staat der Nederlanden Overheid CA
            { (byte) 0xe8, (byte) 0xf9, (byte) 0x12, (byte) 0x00, (byte) 0xc6,
                    (byte) 0x5c, (byte) 0xee, (byte) 0x16, (byte) 0xe0,
                    (byte) 0x39, (byte) 0xb9, (byte) 0xf8, (byte) 0x83,
                    (byte) 0x84, (byte) 0x16, (byte) 0x61, (byte) 0x63,
                    (byte) 0x5f, (byte) 0x81, (byte) 0xc5 }, };

    private static boolean isPublicKeyBlackListed(PublicKey publicKey) {
        byte[] encoded = publicKey.getEncoded();
        Digest digest = new OpenSSLDigest.SHA1();
        digest.update(encoded, 0, encoded.length);
        byte[] out = new byte[digest.getDigestSize()];
        digest.doFinal(out, 0);

        for (byte[] sha1 : PUBLIC_KEY_SHA1_BLACKLIST) {
            if (Arrays.equals(out, sha1)) {
                return true;
            }
        }
        return false;
    }

    // END android-added

    @SuppressWarnings("unused")
    public CertPathValidatorResult engineValidate(CertPath certPath,
            CertPathParameters params) throws CertPathValidatorException,
            InvalidAlgorithmParameterException {
        if (!(params instanceof PKIXParameters)) {
            throw new InvalidAlgorithmParameterException(
                    "Parameters must be a " + PKIXParameters.class.getName()
                            + " instance.");
        }

        ExtendedPKIXParameters paramsPKIX;
        if (params instanceof ExtendedPKIXParameters) {
            paramsPKIX = (ExtendedPKIXParameters) params;
        } else {
            paramsPKIX = ExtendedPKIXParameters
                    .getInstance((PKIXParameters) params);
        }
        if (paramsPKIX.getTrustAnchors() == null) {
            throw new InvalidAlgorithmParameterException(
                    "trustAnchors is null, this is not allowed for certification path validation.");
        }

        //
        // 6.1.1 - inputs
        //

        //
        // (a)
        //
        List certs = certPath.getCertificates();
        int n = certs.size();

        if (certs.isEmpty()) {
            throw new CertPathValidatorException(
                    "Certification path is empty.", null, certPath, 0);
        }
        // BEGIN android-added
        {
            X509Certificate cert = (X509Certificate) certs.get(0);

            if (cert != null) {
                BigInteger serial = cert.getSerialNumber();
                if (serial != null && SERIAL_BLACKLIST.contains(serial)) {
                    // emulate CRL exception message in
                    // RFC3280CertPathUtilities.checkCRLs
                    String message = "Certificate revocation of serial 0x"
                            + serial.toString(16);
                    System.out.println(message);
                    AnnotatedException e = new AnnotatedException(message);
                    throw new CertPathValidatorException(e.getMessage(), e,
                            certPath, 0);
                }
            }
        }
        // END android-added

        //
        // (b)
        //
        // Date validDate = CertPathValidatorUtilities.getValidDate(paramsPKIX);

        //
        // (c)
        //
        Set userInitialPolicySet = paramsPKIX.getInitialPolicies();

        //
        // (d)
        //
        TrustAnchor trust;
        try {
            trust = CertPathValidatorUtilities.findTrustAnchor(
                    (X509Certificate) certs.get(certs.size() - 1),
                    paramsPKIX.getTrustAnchors(), paramsPKIX.getSigProvider());
        } catch (AnnotatedException e) {
            throw new CertPathValidatorException(e.getMessage(), e, certPath,
                    certs.size() - 1);
        }

        if (trust == null) {
            throw new CertPathValidatorException(
                    "Trust anchor for certification path not found.", null,
                    certPath, -1);
        }

        //
        // (e), (f), (g) are part of the paramsPKIX object.
        //
        Iterator certIter;
        int index = 0;
        int i;
        // Certificate for each interation of the validation loop
        // Signature information for each iteration of the validation loop
        //
        // 6.1.2 - setup
        //

        //
        // (a)
        //
        List[] policyNodes = new ArrayList[n + 1];
        for (int j = 0; j < policyNodes.length; j++) {
            policyNodes[j] = new ArrayList();
        }

        Set policySet = new HashSet();

        policySet.add(RFC3280CertPathUtilities.ANY_POLICY);

        PKIXPolicyNode validPolicyTree = new PKIXPolicyNode(new ArrayList(), 0,
                policySet, null, new HashSet(),
                RFC3280CertPathUtilities.ANY_POLICY, false);

        policyNodes[0].add(validPolicyTree);

        //
        // (b) and (c)
        //
        PKIXNameConstraintValidator nameConstraintValidator = new PKIXNameConstraintValidator();

        // (d)
        //
        int explicitPolicy;
        Set acceptablePolicies = new HashSet();

        if (paramsPKIX.isExplicitPolicyRequired()) {
            explicitPolicy = 0;
        } else {
            explicitPolicy = n + 1;
        }

        //
        // (e)
        //
        int inhibitAnyPolicy;

        if (paramsPKIX.isAnyPolicyInhibited()) {
            inhibitAnyPolicy = 0;
        } else {
            inhibitAnyPolicy = n + 1;
        }

        //
        // (f)
        //
        int policyMapping;

        if (paramsPKIX.isPolicyMappingInhibited()) {
            policyMapping = 0;
        } else {
            policyMapping = n + 1;
        }

        //
        // (g), (h), (i), (j)
        //
        PublicKey workingPublicKey;
        X500Principal workingIssuerName;

        X509Certificate sign = trust.getTrustedCert();
        try {
            if (sign != null) {
                workingIssuerName = CertPathValidatorUtilities
                        .getSubjectPrincipal(sign);
                workingPublicKey = sign.getPublicKey();
            } else {
                workingIssuerName = new X500Principal(trust.getCAName());
                workingPublicKey = trust.getCAPublicKey();
            }
        } catch (IllegalArgumentException ex) {
            throw new ExtCertPathValidatorException(
                    "Subject of trust anchor could not be (re)encoded.", ex,
                    certPath, -1);
        }

        AlgorithmIdentifier workingAlgId = null;
        try {
            workingAlgId = CertPathValidatorUtilities
                    .getAlgorithmIdentifier(workingPublicKey);
        } catch (CertPathValidatorException e) {
            throw new ExtCertPathValidatorException(
                    "Algorithm identifier of public key of trust anchor could not be read.",
                    e, certPath, -1);
        }
        DERObjectIdentifier workingPublicKeyAlgorithm = workingAlgId
                .getObjectId();
        DEREncodable workingPublicKeyParameters = workingAlgId.getParameters();

        //
        // (k)
        //
        int maxPathLength = n;

        //
        // 6.1.3
        //

        if (paramsPKIX.getTargetConstraints() != null
                && !paramsPKIX.getTargetConstraints().match(
                        (X509Certificate) certs.get(0))) {
            throw new ExtCertPathValidatorException(
                    "Target certificate in certification path does not match targetConstraints.",
                    null, certPath, 0);
        }

        //
        // initialize CertPathChecker's
        //
        List pathCheckers = paramsPKIX.getCertPathCheckers();
        certIter = pathCheckers.iterator();
        while (certIter.hasNext()) {
            ((PKIXCertPathChecker) certIter.next()).init(false);
        }

        X509Certificate cert = null;

        for (index = certs.size() - 1; index >= 0; index--) {
            // BEGIN android-added
            if (isPublicKeyBlackListed(workingPublicKey)) {
                // emulate CRL exception message in
                // RFC3280CertPathUtilities.checkCRLs
                String message = "Certificate revocation of public key "
                        + workingPublicKey;
                System.out.println(message);
                AnnotatedException e = new AnnotatedException(message);
                throw new CertPathValidatorException(e.getMessage(), e,
                        certPath, index);
            }
            // END android-added
            // try
            // {
            //
            // i as defined in the algorithm description
            //
            i = n - index;

            //
            // set certificate to be checked in this round
            // sign and workingPublicKey and workingIssuerName are set
            // at the end of the for loop and initialized the
            // first time from the TrustAnchor
            //
            cert = (X509Certificate) certs.get(index);
            boolean verificationAlreadyPerformed = (index == certs.size() - 1);

            //
            // 6.1.3
            //

            RFC3280CertPathUtilities.processCertA(certPath, paramsPKIX, index,
                    workingPublicKey, verificationAlreadyPerformed,
                    workingIssuerName, sign);

            RFC3280CertPathUtilities.processCertBC(certPath, index,
                    nameConstraintValidator);

            validPolicyTree = RFC3280CertPathUtilities.processCertD(certPath,
                    index, acceptablePolicies, validPolicyTree, policyNodes,
                    inhibitAnyPolicy);

            validPolicyTree = RFC3280CertPathUtilities.processCertE(certPath,
                    index, validPolicyTree);

            RFC3280CertPathUtilities.processCertF(certPath, index,
                    validPolicyTree, explicitPolicy);

            //
            // 6.1.4
            //

            if (i != n) {
                if (cert != null && cert.getVersion() == 1) {
                    throw new CertPathValidatorException(
                            "Version 1 certificates can't be used as CA ones.",
                            null, certPath, index);
                }

                RFC3280CertPathUtilities.prepareNextCertA(certPath, index);

                validPolicyTree = RFC3280CertPathUtilities.prepareCertB(
                        certPath, index, policyNodes, validPolicyTree,
                        policyMapping);

                RFC3280CertPathUtilities.prepareNextCertG(certPath, index,
                        nameConstraintValidator);

                // (h)
                explicitPolicy = RFC3280CertPathUtilities.prepareNextCertH1(
                        certPath, index, explicitPolicy);
                policyMapping = RFC3280CertPathUtilities.prepareNextCertH2(
                        certPath, index, policyMapping);
                inhibitAnyPolicy = RFC3280CertPathUtilities.prepareNextCertH3(
                        certPath, index, inhibitAnyPolicy);

                //
                // (i)
                //
                explicitPolicy = RFC3280CertPathUtilities.prepareNextCertI1(
                        certPath, index, explicitPolicy);
                policyMapping = RFC3280CertPathUtilities.prepareNextCertI2(
                        certPath, index, policyMapping);

                // (j)
                inhibitAnyPolicy = RFC3280CertPathUtilities.prepareNextCertJ(
                        certPath, index, inhibitAnyPolicy);

                // (k)
                RFC3280CertPathUtilities.prepareNextCertK(certPath, index);

                // (l)
                maxPathLength = RFC3280CertPathUtilities.prepareNextCertL(
                        certPath, index, maxPathLength);

                // (m)
                maxPathLength = RFC3280CertPathUtilities.prepareNextCertM(
                        certPath, index, maxPathLength);

                // (n)
                RFC3280CertPathUtilities.prepareNextCertN(certPath, index);

                Set criticalExtensions = cert.getCriticalExtensionOIDs();
                if (criticalExtensions != null) {
                    criticalExtensions = new HashSet(criticalExtensions);

                    // these extensions are handled by the algorithm
                    criticalExtensions
                            .remove(RFC3280CertPathUtilities.KEY_USAGE);
                    criticalExtensions
                            .remove(RFC3280CertPathUtilities.CERTIFICATE_POLICIES);
                    criticalExtensions
                            .remove(RFC3280CertPathUtilities.POLICY_MAPPINGS);
                    criticalExtensions
                            .remove(RFC3280CertPathUtilities.INHIBIT_ANY_POLICY);
                    criticalExtensions
                            .remove(RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT);
                    criticalExtensions
                            .remove(RFC3280CertPathUtilities.DELTA_CRL_INDICATOR);
                    criticalExtensions
                            .remove(RFC3280CertPathUtilities.POLICY_CONSTRAINTS);
                    criticalExtensions
                            .remove(RFC3280CertPathUtilities.BASIC_CONSTRAINTS);
                    criticalExtensions
                            .remove(RFC3280CertPathUtilities.SUBJECT_ALTERNATIVE_NAME);
                    criticalExtensions
                            .remove(RFC3280CertPathUtilities.NAME_CONSTRAINTS);
                } else {
                    criticalExtensions = new HashSet();
                }

                // (o)
                RFC3280CertPathUtilities.prepareNextCertO(certPath, index,
                        criticalExtensions, pathCheckers);

                // set signing certificate for next round
                sign = cert;

                // (c)
                workingIssuerName = CertPathValidatorUtilities
                        .getSubjectPrincipal(sign);

                // (d)
                try {
                    workingPublicKey = CertPathValidatorUtilities
                            .getNextWorkingKey(certPath.getCertificates(),
                                    index);
                } catch (CertPathValidatorException e) {
                    throw new CertPathValidatorException(
                            "Next working key could not be retrieved.", e,
                            certPath, index);
                }

                workingAlgId = CertPathValidatorUtilities
                        .getAlgorithmIdentifier(workingPublicKey);
                // (f)
                workingPublicKeyAlgorithm = workingAlgId.getObjectId();
                // (e)
                workingPublicKeyParameters = workingAlgId.getParameters();
            }
        }

        //
        // 6.1.5 Wrap-up procedure
        //

        explicitPolicy = RFC3280CertPathUtilities.wrapupCertA(explicitPolicy,
                cert);

        explicitPolicy = RFC3280CertPathUtilities.wrapupCertB(certPath,
                index + 1, explicitPolicy);

        //
        // (c) (d) and (e) are already done
        //

        //
        // (f)
        //
        Set criticalExtensions = cert.getCriticalExtensionOIDs();

        if (criticalExtensions != null) {
            criticalExtensions = new HashSet(criticalExtensions);
            // these extensions are handled by the algorithm
            criticalExtensions.remove(RFC3280CertPathUtilities.KEY_USAGE);
            criticalExtensions
                    .remove(RFC3280CertPathUtilities.CERTIFICATE_POLICIES);
            criticalExtensions.remove(RFC3280CertPathUtilities.POLICY_MAPPINGS);
            criticalExtensions
                    .remove(RFC3280CertPathUtilities.INHIBIT_ANY_POLICY);
            criticalExtensions
                    .remove(RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT);
            criticalExtensions
                    .remove(RFC3280CertPathUtilities.DELTA_CRL_INDICATOR);
            criticalExtensions
                    .remove(RFC3280CertPathUtilities.POLICY_CONSTRAINTS);
            criticalExtensions
                    .remove(RFC3280CertPathUtilities.BASIC_CONSTRAINTS);
            criticalExtensions
                    .remove(RFC3280CertPathUtilities.SUBJECT_ALTERNATIVE_NAME);
            criticalExtensions
                    .remove(RFC3280CertPathUtilities.NAME_CONSTRAINTS);
            criticalExtensions
                    .remove(RFC3280CertPathUtilities.CRL_DISTRIBUTION_POINTS);
        } else {
            criticalExtensions = new HashSet();
        }

        RFC3280CertPathUtilities.wrapupCertF(certPath, index + 1, pathCheckers,
                criticalExtensions);

        PKIXPolicyNode intersection = RFC3280CertPathUtilities.wrapupCertG(
                certPath, paramsPKIX, userInitialPolicySet, index + 1,
                policyNodes, validPolicyTree, acceptablePolicies);

        if ((explicitPolicy > 0) || (intersection != null)) {
            return new PKIXCertPathValidatorResult(trust, intersection,
                    cert.getPublicKey());
        }

        throw new CertPathValidatorException(
                "Path processing failed on policy.", null, certPath, index);
    }

}
